Cybercrime Takes a Toll on UK Online Consumer Behavior

Cybercrime results in lasting wariness among consumers

The impact of cybercrime is significant for both businesses and consumers alike. The Ponemon Institute estimated that in 2012 cybercrime cost the UK businesses it studied an average of £2.1 million ($3.3 million) each. On the consumer side, the pervasive reach of cybercrime is clear as well.

In a January 2013 survey of over 2,000 UK internet users by Deloitte UK and Ipsos Mori, 65% of respondents said they'd received "phishing" emails representing fictitious sweepstakes or had sent money in an attempt to release nonexistent "winnings."

A third of respondents had visited what they thought was the webpage of a well-known brand, only to find a fraudulent site operated by a third party; one-quarter reported having personal information lost or stolen through a malware attack.

As a result, UK consumers continue to be gun-shy about which companies they trust online. Over half—59%—said they were concerned about security when buying products online. Just 11% disagreed. Two-thirds of respondents also said they were more likely to use companies that go out of their way to reassure them of their commitment to security and data protection.

Despite their interest in strong security measures, digital consumers in the UK are not particularly confident that the security situation is improving: Just 27% said they trusted companies with payment details more than they used to, while 22% said they trusted them less.

This undercurrent of distrust speaks to one of Deloitte's central findings: Cybercrime alters consumer behavior. For instance, of UK consumers who visited a fraudulent copy of a brand's site, 32% reported ceasing to patronize the brand they thought was responsible—often the brand whose page they were trying to visit, which was not directly involved in the bad experience. And being the direct victim of a cybercrime has consequences for consumers that ripple outward, as well. Of those who were victims of identity theft (i.e., had personal information stolen and used to obtain credit cards or loans), 44% responded by reducing and controlling their online activity.

In addition to lingering mistrust, cybercrime creates an additional hazard for brands: negative social exposure. Across every category of cybercrime, upwards of 10% of victims said they had posted about their experience in social networks.